nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-20 20:45:02 -05:00
Code Issues Projects Releases Wiki Activity

Emit a distinct error message when the SSH server's host key is invalid.

Browse Source 
This also means that FUZZING can just ignore host-key verification
failure while preserving invalid-host-key errors.
This commit is contained in:
Ben Harris 2015-10-18 20:16:39 +01:00
parent 12702cb17e
commit 7a5cb2838f
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssh.c
View File

@ -7126,13 +7126,17 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
dmemdump(s->exchange_hash, ssh->kex->hash->hlen); dmemdump(s->exchange_hash, ssh->kex->hash->hlen);
#endif #endif
if (!s->hkey || if (!s->hkey) {
!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen, bombout(("Server's host key is invalid"));
crStopV;
}
if (!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
(char *)s->exchange_hash, (char *)s->exchange_hash,
ssh->kex->hash->hlen)) { ssh->kex->hash->hlen)) {
#ifndef FUZZING #ifndef FUZZING
bombout(("Server's host key did not match the signature supplied")); bombout(("Server's host key did not match the signature supplied"));
crStopV; crStopV;f
#endif #endif
} }